PICA: Perl Installation and Configuration Agent

Miguel Armas del Río and Esteban Manchado Velázquez

At the ULPGC's (Universidad de Las Palmas de Gran Canaria, University of Las Palmas of Gran Canaria) Network Division, we administer several servers that run critical network services such as DNS, DHCP, network monitoring, etc. Because these services are critical, we run a number of scripts on every server to check sanity and try to fix basic error situations.

We needed a way to distribute all these scripts and the important services' configuration files from a centralized location with little differences to adapt them to each host. We also needed a way to register any change on the configuration files, to be able to detect when a particular error was introduced, and who did it, and we wanted to centralize all network incident notifications and alarm management.

To meet all these needs, we developed PICA (http://pica.ulpgc.es). With PICA, we have a central repository of configuration files and alarm scripts. This repository is managed using CVS, so we can recover old versions, see change logs, and let various admins work concurrently. Actually, every sys admin has a local copy of the working tree, and CVS does all the dirty work.

In this scenario, PICA is used to distribute the configuration files and alarm scripts to the various servers. PICA uses SSH to establish secure connections to the remote servers, which is very convenient, since we were already using SSH with RSA authentication to access all remote servers. The alarm scripts send incident notifications and service status reports to our central NetSaint (http://www.netsaint.org/) server using asynchronous checks (see NetSaint documentation). If a critical error is detected, an alarm is also sent via email and as a SMS message to the sys admin mobile phone.<>